Countermeasures Flashcards

1
Q

How to prevent buffer overflows?

A
  • Write decent programs
  • Use language with boundary checking
  • Perform an analysis before (static) or during (dynamic) execution
  • Modify how programs are loaded and executed by kernel
2
Q

What are the special and safe languages?

A

Interpreted languages
  • Cyclone
  • CCured

3
Q

What are the tools for static analysis?

A
  • Splint
  • Cqual
  • Metacompilation
  • PREfix / PREfast
  • BOON
  • ITS4, Flawfinder, RATS
4
Q

What are the tools for dynamic analysis?

A
  • Purify
  • Valgrind
  • Information flow / taint analysis
5
Q

What are the substitutes for libc ?

A
  • LibSafe
  • ContraPolice
6
Q

What is the goal of the containment approach?

A

To limit the damage that a hijacked application can cause
(policy enforcement and sandboxing)

7
Q

What are the detection approaches?

A

System call analysis: signatures, sequences, control-flow-driven analysis, parameter modelling
Mimicry attacks
Compiler Modifications: boundary checking and integrity checking

8
Q

What is StackGuard?

A

Canary-based solution: a terminator, random or XOR canary is written before the return address on the stack.
This value is verified in the function epilogue before the return instruction is executed.

9
Q

What is non-executable memory?

A

The stack and heap are used for storing data, not code, so they do not need to be executable; an attempt to execute code in these regions causes a segmentation fault.
Can be bypassed by a return-into-libc attack.

10
Q

What is return-into-libc?

A

Existing code in the standard C library is used instead of injecting and executing shellcode on the stack. The return address is overwritten with the address of a libc function. The attacker can execute arbitrary commands by controlling the arguments passed to that function (e.g. system("/bin/sh")).

11
Q

What is ASLR?

A

Address space layout randomisation randomises the position of the heap, the stack, and the code

12
Q

What is soundness?

A

If analysis says that X is true, then X is true
If the program is claimed to be error free, then it really is
No false alarms

13
Q

What is completeness?

A

If X is true, then analysis says X is true
If the program is claimed to be erroneous, then it really is
May get false alarms
